Gartner: Accelerating Growth – Autonomic Systems
By: Austin Miller
This week, we’re getting deep into the art of designing completely distinct systems that all have very similar and easily confusing names. Autonomous systems, automated systems, and autonomic systems – what are the differences? For Gartner’s team, the world is ready to set up autonomic systems which will revolutionize the way we understand the role of machines in technology. Why does that spell for cybersecurity? Let’s find out.
What are autonomic systems?
Automated systems have been a godsend to cybersecurity pros because they allowed computers to take over the boring stuff or the things that evade human detection. Very useful when the adversary is turning to methods that are specifically designed to trick the fallible human behind the SOC screen. However, autonomic systems are taking things a step further – now instead of just working according to the specifications of the developer or engineer, the system will be able to dynamically modify its own algorithms without software updates.
If you’re like me and had a misspent youth, you might be considering that this is the beginning of the Singularity – machines no longer need us to even set them before performing tasks. But it’s not quite that grand, thankfully. We’re not on the cusp of inventing the Terminator. Instead, this allows intelligent responses to the conditions the machine finds itself in, creating a better response through reinforcement learning and digital twins.
How do autonomic systems work?
As previously mentioned, this great leap forward is based on two key developments – reinforcement learning and digital twins. As shown by Ericsson’s intelligent approach to cellular phone mast connections, these two systems allow for automatic optimization and a more reactive system.
Reinforcement learning
Otherwise known as sequential decision making under uncertainty, reinforcement learning is AI/ML turned to environments where there is a limited amount of knowledge available and with limited feedback that is itself potentially poor in quality. Although the artificial intelligence market is already an extremely large and valuable sector, industry talking heads like Gartner and DeepSense.ai are anticipating that reinforcement – with widespread adoption – could grow the industry to between $3.5 and $5.8 trillion in the coming years.
Why? Because reinforcement learning is taking artificial intelligence to the next level – using limited data sets and feedback to make sequential decisions, which obviously has a great deal of application in the obfuscated world of dealing with the adversary. Microsoft has already started their research into “gamifying machine learning for stronger security models”, including the development of the Python-based OpenAI Gym interface that they have named CyberBattleSim. Obviously, this may not be immediately actionable for everyone right now, but the implications of having automated agents that are driven by reinforcement learning algorithms is an exciting development.
Digital twins
One of the technological phenomena with the most unusual names, digital twins is based in creating parallel virtual models that reflect physical reality. Now, this sounds like it is going to turn into a philosophy thesis, so let’s keep it simple – a physical object has a group of sensors attached to it which allows a computer to build a digital representation of it on a system. When this system is implemented, there are now rich sets of data which directly respond to reality.
Although not as cleanly applicable to cybersecurity as reinforcement learning, digital twins open up interesting conversations about the expanding role of secpros in controlling physical security. With ever expanding types of edge and IoT technologies, this could make managing real, material objects a very simple process.
Now, you ask, “what does this have to do with autonomic systems?” – good question. With decentralized workplaces, we are looking at a world which could potentially get rid of all centralized business components – the entire enterprise could become something which is spread over the length and breadth of a country or continent as is convenient! This need for greater digital security is matched by the need for greater physical security – with the safety of physical endpoints digitized and managed by a self-changing algorithm, the role of the cybersecurity professional will certainly change!
Does this mean that I’ll be out of a job?
Despite the futuristic and impressive leap forward that autonomic systems can offer, this isn’t a threat to the conventional set up we have in the world of cybersecurity. Just like any technological change, some people will be affected by the development of this technology, it will be a streamlining and productivity-boosting change for most.
As many of these changes are still only being implemented in the world of operations, the opportunities are still there for security engineers and C-suite level individuals to take up the mantle of autonomic systems and make a stamp on the world of threat management. The really interesting developments are still on the horizon for secpros.
